Intelligence artificielle 

Accélérez votre productivité. Catalyseur d’innovation. Collaborateur créatif. Quelle que soit votre vision de l’IA, Unisys fournit les solutions, l’expertise et les outils pour réaliser le plein potentiel commercial de votre entreprise.
Explorez

Cybersécurité

Unisys fournit des solutions commerciales avec une sécurité intégrée pour défendre vos actifs numériques, lutter contre les menaces, gagner la confiance des clients et répondre aux normes de conformité.
En savoir plus

Conseils

La nature du travail change. Faisons évoluer votre entreprise ensemble. Pérennisez votre entreprise avec les services de conseil d’Unisys et progressez en tant qu’entité axée sur le numérique.
Explorez

Témoignages clients

Découvrez des vidéos et des témoignages expliquant comment Unisys a aidé les entreprises et les gouvernements à améliorer la vie de leurs clients et de leurs citoyens.
Explorez

Recherche

Embarquez vers un avenir résilient grâce à l’accès à la recherche complète d’Unisys, développée en collaboration avec les meilleurs analystes et cabinets de recherche du secteur.
Explorez

Centre de ressources

Trouvez, partagez et explorez des ressources pour soutenir vos objectifs opérationnels clés.
Explorez

Carrières

Curiosité, créativité et un désir constant de s’améliorer. Nos collaborateurs façonnent l’avenir en allant au-delà de l’expertise pour donner vie à des solutions.
Explorez

Relations avec les investisseurs

Nous sommes une entreprise mondiale de solutions technologiques qui s’engage à faire progresser les plus grandes organisations du monde.
Explorez

Partenaires

Nous travaillons avec un réseau de partenaires pour fournir à nos clients des produits et services de pointe dans de nombreux secteurs parmi les plus importants au monde.
Explorez

Sélection de la langue

Le langage choisi actuellement est:

Française
    7 Min Read

    Embrace open banking with risk-relevant security solutions

    juin 29, 2022 / Jorge Andres Gomez

    Short on time? Read the key takeaways:

    • Open banking can increase opportunities for banks to increase customer offerings. But there is risk related to that increased capability.
    • Banks need to approach security differently to protect systems, data and customers.
    • To combat the systemic risk of open banking, security professionals need a new approach and solution.
    • By leveraging identity-driven access, advanced technologies and dynamic isolation, banks and financial institutions can leverage a Zero Trust security model to counter the systemic risks that open banking introduces.

    Banks need to approach security differently to protect systems, data and customers. Open banking can help. It opens the door to products, services, features and benefits that banks and financial services firms might otherwise have yet to offer to their customers.

    With those opportunities, however, comes increased risk. Addressing that risk is essential if institutions embrace open banking with confidence.

    Open banking increases risk by multiplying the interconnectivity between banks, providers, partners, vendors and customers. This interconnectivity introduces systemic risk. For instance, a security incident at one financial institution is more likely to propagate to other businesses if they are connected via open APIs. Interconnectivity also enables bad actors to access a bank’s core systems and databases via a connection with a third party.

    Banks need to approach security differently to protect systems, data and customers. Perimeter defenses are insufficient to respond to this new type of systemic risk. The perimeter is porous — if it exists at all. This does not come as a surprise: the IT perimeter has been getting increasingly porous for years as business has surged across virtual connections and into the cloud. Open banking is simply punching more holes into a perimeter that looks like Swiss cheese.

    To combat the systemic risk of open banking, security professionals need a new approach and solution. That comes in the form of a Zero Trust security model.

    Understanding Zero Trust

    Zero Trust is a hot topic today. Like many new terms, it can mean different things to different companies. At Unisys, we understand Zero Trust in this way: it is a security approach that treats everyone as an insider.

    A Zero Trust approach is necessary with open banking because interconnectivity with partners, vendors, and customers means that every person could theoretically gain access to sensitive data. Not that such access is purposefully granted, but the connections exist that make access possible. There is no perimeter to keep people out.

    Zero Trust also recognizes that, in addition to internal or external malicious actors, perfectly well-meaning employees can accidentally do bad things from time to time, whether that is clicking on a link in a phishing email or inadvertently exposing information. With no ill intention, such accidents can result in data breaches, regulatory audits and fines, fraud and reputational brand damage.

    Three components of Zero Trust security

    A Zero Trust security model has several components: identity-drive access, use of advanced technologies, and dynamic isolation. Let’s break those down.

    Data-driven access

    The first is identity-driven access. Verified identity — not a device or role — is the key that unlocks access to information. A user must authenticate their identity via security protocols such as biometrics to access the data appropriate for their role. For example, once verified, a bank customer would be granted access to his account, whereas a bank employee would be granted access to the various systems that pertain to her job.

    Use of advanced technologies

    Zero Trust security requires machine intelligence, behavioral analytics, network analytics and other advanced technologies to detect and respond to anomalous activity more quickly than possible for people. People can easily miss seeing a problem, particularly in its early stages. That same problem can be instantly identified in its nascent form through tools such as artificial intelligence, dramatically reducing the mean time to detect. In like manner, the mean time to respond — which may be hours, days, or even weeks when reliant upon people — can be near real-time when the system can automatically respond to address a breach, attack, or other questionable activity.

    Dynamic isolation

    Finally, a Zero Trust approach requires dynamic isolation. That is, once a problem is identified, it needs to be stopped in its tracks before it spreads. For example, if a piece of malware is pinpointed, the system needs to be able to quarantine the affected area before the malware explodes to take down the entire company. Or again, if a user suddenly starts engaging in unusual activities — such as accessing large amounts of personally identifiable information — the system needs to be able to shut the user out instantly. Dynamic isolation must occur in real-time, instead of waiting for a security professional to see and respond to the issue. The slightest delay can have devastating ramifications given the speed at which attacks occur or problems expand.

    By leveraging identity-driven access, advanced technologies and dynamic isolation, banks and financial institutions can leverage a Zero Trust security model to counter the systemic risks that open banking introduces. Connections with strategic vendors and partners can then be made with confidence, and the full benefits of open banking can be realized.

    If you’re ready to evolve your banking and financial service offerings and capabilities, visit us online or contact us today.